Accenture responsible disclosure

The following Responsible Disclosure Guidelines describe the voluntary program through which Accenture will engage with parties who identify and report to Accenture potential security vulnerabilities. These Responsible Disclosure guidelines offer direction for identifying and submitting information regarding potential vulnerabilities to Accenture, and apply only to disclosure of potential vulnerabilities affecting systems owned or controlled by Accenture; not to those affecting any other systems, including those owned or controlled by any Accenture clients, business partners, or others.

Reporting parties are encouraged to contact Res.Disclosure@accenture.com with any questions regarding this Responsible Disclosure, including any testing activities and/or secure reporting under it.

As a general rule, Accenture does not provide compensation in exchange for information pertaining to security vulnerabilities under this Responsible Disclosure. Compensation offered in exceptional circumstances is at our sole discretion.

Accenture may choose not to contact or otherwise interact with reporters who decline to identify themselves when making the report.

Accenture will deal in good faith with reporting parties who comply with this Responsible
Disclosure.

For parties who conduct security research and vulnerability disclosure activities in accordance with the guidelines of this Responsible Disclosure, (1) Accenture will not initiate or recommend any law enforcement or civil lawsuits related to such activities, and (2) in the event of any law enforcement or civil action brought by anyone other than Accenture, Accenture will take reasonable steps to make known that the activities of the affected parties(s) were conducted pursuant to and in compliance with this Responsible Disclosure.

Accenture may choose to disregard submissions by parties who submit a high volume of low quality reports.

Activities conducted under this Responsible Disclosure must be limited exclusively to the
following:

Testing to detect a potential vulnerability or to identify an indicator related to a potential vulnerability; or

Sharing information with Accenture, or receiving information from Accenture, related to a potential vulnerability.

Accenture does not authorize, permit, or otherwise allow (expressly or impliedly) anyone to
engage in any illegal activity. If you engage in any activities that are inconsistent with this Responsible Disclosure or the law, you may be subject to criminal and/or civil liabilities.

Parties conducting activities under this Responsible Disclosure must do no harm, including but not limited to exploiting any security vulnerability beyond the minimal amount of testing required to demonstrate that a potential vulnerability exists; intentionally accessing the content of any communications, data, or information transiting or stored on Accenture network(s) or system(s); compromising the privacy or safety of Accenture employees, Accenture customers or any third parties; intentionally compromising the intellectual property or other commercial or financial interests of Accenture, Accenture employees, Accenture customers, or any third parties; or posting, transmitting, uploading, linking to, sending, executing, or storing any malicious software on any Accenture network(s) or system(s).

Reporting parties must allow Accenture an opportunity to correct a potential vulnerability
within a reasonable timeframe before publicly disclosing the identified issue, in order to
ensure that Accenture has developed and thoroughly tested the solution to such issue.

Parties conducting activities under this Responsible Disclosure must comply with all applicable federal, state, and local laws applicable with security research activities or any other activities under this Responsible Disclosure.

To the extent that any security research or vulnerability disclosure activity involves the networks, systems, information, applications, products, or services of any non-Accenture entity, such non-Accenture entity may independently determine whether to pursue legal action or remedies related to such activities.

Accenture reserves the right, in its sole discretion, to modify the terms of this Responsible Disclosure or terminate this Responsible Disclosure at any time.

Select your location

We were unable to find a match for "$searchstring." Try searching again by using different or more general keywords and check for spelling errors.

RECOMMENDED CONTENT

FILTER RESULTS

FILTER RESULTS

Connect with our Talent Community

Personalize your Accenture Career search and receive tailored news, insights and job alerts. Join our Talent Connection to learn more about the challenging and rewarding career opportunities offered by Accenture.